<?php
namespace app\common\middleware;

use think\Response;
use app\common\lib\exception\ApiException;
class CrossDomain
{
    public function handle($request, \Closure $next)
    {
        // header('Access-Control-Allow-Origin: *');
        // header('Access-Control-Expose-Headers: Sekey, Authorization');
        // header('Access-Control-Allow-Headers: Cookie, X-Requested-With, Content-Type, Origin, Accept, Authorization,Sign');
        // header('Access-Control-Allow-Methods: HEAD, POST, GET, PUT, OPTIONS');
        header('Access-Control-Allow-Origin: *');
		header("Access-Control-Allow-Headers: authorization");
		header('Access-Control-Allow-Methods: GET, POST, PUT,DELETE');
		
  //       if($request->isOptions()){
  //           return json(200, 200);
  //       }else{
		// 	$headers = request()->header();
		// 	if(empty($headers['sign'])){
		// 		throw new ApiException('sign不存在', 400);
		// 	}
		// }
        return $next($request);
    }
}